package com.juphoon.oauth.authorize;

import com.juphoon.oauth.core.authorize.AuthorizeConfigProvider;
import com.juphoon.oauth.core.config.Const;
import com.juphoon.oauth.core.properties.SecurityConstants;
import com.juphoon.oauth.core.properties.SecurityProperties;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.stereotype.Component;

/**
 * @author rongbin.huang
 * @create 2018-07-03 下午11:28
 **/
@Component
public class AppAuthorizeConfigProvider implements AuthorizeConfigProvider {


    @Autowired
    private SecurityProperties securityProperties;


    @Override
    public boolean config(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
        config.antMatchers(SecurityConstants.REFRESH_URL).permitAll();
        if (StringUtils.isNotEmpty(securityProperties.getOauth2().getPermitUrls())) {
            String[] split = securityProperties.getOauth2().getPermitUrls().split(",");
            config.antMatchers(split).permitAll();
        }

        return false;
    }
}
